Nothing Special   »   [go: up one dir, main page]

CN107846394B - System and method for providing customers with access to different services of a service provider - Google Patents

System and method for providing customers with access to different services of a service provider Download PDF

Info

Publication number
CN107846394B
CN107846394B CN201710841119.5A CN201710841119A CN107846394B CN 107846394 B CN107846394 B CN 107846394B CN 201710841119 A CN201710841119 A CN 201710841119A CN 107846394 B CN107846394 B CN 107846394B
Authority
CN
China
Prior art keywords
user
pseudonym
middleware
secret
service provider
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710841119.5A
Other languages
Chinese (zh)
Other versions
CN107846394A (en
Inventor
M.斯拜蒂
T.韦尔纳多
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Deutsche Telekom AG
Original Assignee
Deutsche Telekom AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Deutsche Telekom AG filed Critical Deutsche Telekom AG
Publication of CN107846394A publication Critical patent/CN107846394A/en
Application granted granted Critical
Publication of CN107846394B publication Critical patent/CN107846394B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/40User authentication by quorum, i.e. whereby two or more security principals are required
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/41User authentication where a single sign-on provides access to a plurality of computers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6254Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/2866Architectures; Arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Power Engineering (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present invention relates to a system and method for providing access to different services of a service provider. The system includes at least a D-ID middleware (620) and a D-ID proxy (610), the user selecting one pseudonym whenever the user intends to access a desired one of the different services, the D-ID proxy (610) disclosing to the service provider a secret of a plurality of pseudonym-specific secrets and a corresponding authentication path derived from a pseudonym-specific Merkle tree (650), the service provider forwarding the pseudonym to the D-ID middleware (620) to receive a corresponding root value and a trust level, computing the root value based on the secret and the authentication path to verify whether it matches the root value for the pseudonym received from the D-ID middleware (620) to verify that the user is the owner of the pseudonym, and if so, the user is allowed to access a desired one of the different services in case the trust level of the selected pseudonym corresponds to a trust level required by at least one service provider. The invention also relates to a corresponding method.

Description

System and method for providing customers with access to different services of a service provider
Technical Field
The present invention relates to a system and method for providing a user with access to different services of one or more service providers in a network.
Background
In recent years, operators and their industry association (Global System for Mobile Communications Assembly, GSMA) have taken several approaches to enhance their position in the value chain as identity providers in the digital world. The last method is called mobile connection and uses Subscriber Identity Module (SIM) or its derivatives to perform secure identification and authentication of the client and provide corresponding Application Programming Interface (API) to the service provider (e.g., Spotify or Banks) to implement secure and easy login process. However, Facebook and Google are leaders in this area due to their global coverage.
Furthermore, because Facebook/Google delivers several personal information and preferences about users/customers to The respective service providers, they are favored by Over The Top (OTT) services (such as online stores or streaming media services) as partners for identity and login.
There is an opportunity for operators to become consumers 'advocates through privacy and security claims that give more control over consumers' personal data, which is a major problem with Facebook and Google. Operators are considered more reliable for privacy and security than OTT competitors (particularly financial institutions). And in fact they are more reliable in most cases, since the operators must comply with the standards of their relevant regulatory authorities. However, existing and current solutions proposed by operators are Subscriber dependent, not user dependent (e.g., based on SIM or embedded Subscriber Identity Module (eSIM)). Thus, the user equipment needs to support a hardware-based solution for the respective operators, and furthermore, the users cannot simply share their equipment.
Disclosure of Invention
It is therefore an object of the present invention to enable a user to access different services within a network without having to generate, store and manage too many passwords, taking into account user-centric privacy.
A solution to this problem is given by a system and a method having the features of the independent claims. Embodiments of the system and method are described by the respective dependent claims and the following description.
The present invention provides a system for providing a user with respective access to different services of at least one service provider within a network via one and only user-dependent unique digital identifier (D-ID) in view of privacy and security.
The system includes at least D-ID middleware and a D-ID agent.
The D-ID agent is run only by the user, typically at least partially on any desired end device of the user, and is configured to generate the D-ID, at least one pseudonym of the user, and a user-defined and a plurality of pseudonym-specific (pseudonym-specific) secrets, calculate a root value (root) of a pseudonym-specific Merkle tree having the secret as its leaf using a plurality of secrets and a cryptographic hash function, send the at least one pseudonym and a corresponding root value (both encrypted using authentication and encryption methods) to the D-ID middleware, and use the secret of the plurality of secrets as needed to access one of the different services of the at least one service provider.
The user may select any suitable end device, e.g., any electronic or electromechanical hardware device on which the D-ID agent may be executed, at least in part. Thus, the D-ID agent can run on a mobile phone, a laptop, etc. The D-ID agent may be executed on a different processor.
The D-ID middleware is run by the operator and constitutes middleware for the authentication of the user's D-ID between the user's terminal device and at least one service provider. The D-ID middleware is configured to receive and maintain a D-ID of a user, a root element of the Merkle tree for each of the user's at least one pseudonym, and a trust level for each root element, the root element including a respective pseudonym and a corresponding root value.
The system is configured such that: whenever a user wants to access a desired one of the different services, the user has to select one of the at least one pseudonym, and on the basis of the selected pseudonym, the D-ID agent reveals a secret of the plurality of pseudonym-specific secrets and a corresponding authentication path derived from the pseudonym-specific Merkle tree to the service provider, which forwards the pseudonym to the D-ID middleware in order to receive the corresponding root value and trust level, and calculates the root value based on the secret and the authentication path and verifies whether it matches the root value received from the D-ID middleware for the pseudonym, thus verifying that the user is the owner of the pseudonym, and if so, allowing the user to access the desired service if the trust level of the selected pseudonym corresponds to the trust level required by the at least one service provider.
According to one embodiment of the proposed system, the D-ID is defined by the user and verified via appropriate means, such as a personal ID through D-ID middleware.
According to a further possible embodiment of the proposed system, the trust level is assigned by the middleware on the basis of at least one pseudonym and the corresponding root value is sent from the D-ID agent to the D-ID middleware.
In addition, for each root element, the middleware is configured to store a current secret counter in addition to the respective pseudonym and corresponding root value.
The secret counter is set to zero when at least one pseudonym is generated, and the secret counter is automatically incremented by one each time the user uses a secret of the plurality of pseudonym-specific secrets.
The D-ID middleware is summarized as follows. D-ID middleware is middleware for the verification of a user's ID between the user (i.e., the user's terminal device actually used to access the desired service) and a service provider. The D-ID middleware may be run, for example, by a telecommunications carrier, or by any other organization. FIG. 1, which will be described later, provides an overview of the information maintained by the D-ID middleware. The D-ID middleware manages the following information about its users:
a user's D-ID, which is a unique identifier that can be selected by the user and verified by the provider of the D-ID middleware via an appropriate means (e.g., a personal ID);
several Merkle tree root elements per user (these are generated by the user and sent to the middleware) and corresponding trust level per root element (this is assigned by the middleware based on the sending method (i.e., the authentication and encryption method used)).
For each root element, the following parameters are stored:
customizing the name;
a corresponding root element value (root value);
the current secret counter (S counter).
Hereinafter, the three information listed above are designated as root elements. It is also noted that the secret counter (hereinafter also referred to as the S counter) is always zero at the beginning, and that the S counter is incremented by one each time the user uses the secret to access the service.
According to a further embodiment, each of the plurality of alias-specific secrets is constructed on the basis of the alias, a current secret counter (i.e., a current value of the secret counter) and a random value.
According to a further embodiment of the system of the present invention, each secret of the plurality of alias-specific secrets is a one-time secret that can only be used once to access a service of the service provider.
The user may generate different pseudonyms for corresponding different types of services. However, the user may also generate different pseudonyms for the same type of service. This means that the user can generate at least one pseudonym for each service and thus the service provider and others can never track the user activity.
In one possible embodiment of the system according to the invention, the D-ID agent runs partly in the secure cloud. This means that the D-ID agent is partially run on the corresponding user's terminal device actually used by the user to access the desired service and partially run in the secure cloud.
The system according to the invention leads to the following quality features:
it is an agnostic device and authentication method; the user can use his smart phone and notebook computer
Brain, Internet of things (IoT), or any conventional or new authentication method accompanied therewith
The other(s);
the method takes a user as a center, and the user has great control right on the D-ID and the privacy thereof;
it has the feature of a post-quantum security mechanism with low computational overhead;
it is dynamic, i.e., it may change in real time, as well as dynamically changing its trust level;
it is easily shared at the traffic level.
By using the system according to the invention, the user is enabled to get corresponding access to different services provided by different service providers, which services furthermore require different security/trust levels, from one terminal device or from different terminal devices by using one unique user related unique digital identifier (D-ID). The system even enables the user to achieve privacy not only for third parties, but even for the respective service provider.
Quantum computational studies directly use theoretical computational systems (quantum computers) of quantum mechanical phenomena, such as superposition and entanglement, to perform operations on data. Large-scale quantum computers are theoretically capable of solving certain problems, such as integer factorization using the xiuer's algorithm, faster than any conventional computer using even the best currently known algorithms. There are quantum algorithms, such as Simon's, that run faster than any possible probabilistic classical algorithm. On the other hand, quantum computers can effectively solve the problems underlying many cryptographic methods, and thus make these cryptographic methods infeasible. However, the system and method according to the present invention provide Post quantum security because both use hash-based cryptography in the form of Merkle trees, and hash-based cryptography is secure to quantum computers (see, e.g., https// en. wikipedia. org/wiki/Post-quantum _ cryptograph).
The invention also relates to a method for providing a user with access to at least one service, typically a different service, of at least one service provider in a network via one only user-related unique digital identifier (D-ID) by ensuring security and privacy. The method at least comprises the following steps:
providing a D-ID agent running at least in part on any desired user's terminal device;
generating, by the D-ID agent, a D-ID of the user, at least one pseudonym of the user, and a plurality of user-defined and pseudonym-specific secrets;
calculating, by the D-ID proxy, a root value of a pseudonym-specific Merkle tree having the secret as its leaf using a plurality of secrets and a cryptographic hash function;
sending, by the D-ID agent to the D-ID middleware, at least one pseudonym and a corresponding root value, each encrypted using an authentication and encryption method;
providing D-ID middleware as middleware for authentication of the user's D-ID between the user and at least one service provider;
for each of the at least one pseudonym of the user, receiving and maintaining, by the D-ID middleware, a D-ID of the user, a root element of the Merkle tree for each of the at least one pseudonym of the user, and a trust level for each root element, the root element including the respective pseudonym and a corresponding root value, an
Selecting one of the at least one pseudonym when the user intends to access a desired one of the different services of the at least one service provider, revealing, by the D-ID agent, a secret of the plurality of pseudonym-specific secrets and a corresponding authentication path derived from the pseudonym-specific Merkle tree to the service provider, forwarding, by the service provider, the pseudonym to the D-ID middleware for receiving a corresponding root value and trust level, and calculating, by the service provider, a root value based on the secret and the authentication path and verifying, by the service provider, whether it matches the root value for the pseudonym received from the D-ID middleware, thus verifying that the user is the owner of the pseudonym, and if so, allowing the user to access a desired service if the trust level of the selected pseudonym corresponds to the trust level required by the at least one service provider.
According to an embodiment of the method of the present invention, the trust level is assigned by the middleware based on the way at least one pseudonym and the corresponding root value are sent from the D-ID proxy to the D-ID middleware.
Thus, when sending the at least one pseudonym and the corresponding root value, both encrypted, to the D-ID middleware, it is further possible to update the trust level by using another authentication and encryption method. Authentication methods/protocols are methods typically used to identify (i.e., verify the identity of) a user, and to ensure that the user is active (no replay attacks) in the best case. Examples of such authentication methods include Kerberos, IPsec, certificate-based Secure Sockets Layer (SSL), password-based SSL, any Single Sign-On Solution (Single Sign On Solution), and the like. The encryption method is used to encrypt data. Typically, during the authentication method, a key is derived, which is then used by the encryption method. Examples of such Encryption methods are Advanced Encryption Standard (AES), SNOW, 3G or any Encryption mechanism.
In case the user intends to access a desired one of the different services of the at least one service provider, the service provider also receives the secret counter of the last used secret from the D-ID middleware and further verifies that the secret counter of the currently selected secret is equal to or larger than the secret counter of the last used secret.
According to a further embodiment of the claimed method, in case the access to the desired service requires charging and the service provider is not allowed to get the D-ID of the user, the charging information is taken over by the D-ID middleware and the D-ID middleware acts as a charging proxy.
The following detailed description and the accompanying drawings provide a better understanding of the nature and advantages of the present invention.
Drawings
FIG. 1 presents a schematic view of an overview of information maintained by D-ID middleware provided by an embodiment of a system in accordance with the present invention;
FIG. 2 shows an example of a Merkle tree generated by a D-ID agent provided by another embodiment of a system according to the present invention;
FIG. 3 schematically illustrates an exchange of information between a D-ID proxy and D-ID middleware provided by another embodiment of a system according to the present invention;
FIG. 4 illustrates schematically the assignment of trust levels performed by D-ID middleware provided by a further embodiment of a system according to the present invention;
FIG. 5 illustrates exemplary trust level updates for pseudonyms performed by D-ID middleware provided by yet another embodiment of a system in accordance with the present invention;
fig. 6 schematically shows a block diagram describing the functionality of an embodiment of the claimed system.
Detailed Description
Fig. 1 presents a schematic view of an overview of information maintained by D-ID middleware 100 provided by an embodiment of the system according to the present invention. The D-ID middleware 100 represents middleware between one or more users (not shown here) and service providers SP1, SP2, and SP 3. As shown in column 110 of table 150, the D-ID middleware maintains the corresponding D-IDs of one or more users. Each row of the table 150 is assigned to a user. Each user has a D-ID that the respective user can define himself. Column 110 further indicates which of the service providers SP1, SP2, and SP3, respectively, is allowed to know the D-ID of the corresponding user. As indicated by the first row of column 110, service providers SP1 and SP2 are allowed to know the D-ID "Msbeiti" of user A (user A is not shown in FIG. 1). Other service providers, such as service provider SP3, only know the pseudonym of user a. As indicated in the second row of column 110, the service providers SP1 and SP3 are allowed to know the D-ID "Twernado" of user B (user B is not shown in FIG. 1). Other service providers, such as service provider SP2, only know the pseudonym of user B. As indicated by ". said." in the third row of column 110, the D-ID middleware is capable of storing and maintaining additional D-IDs and corresponding permissions for the corresponding service providers. In column 120, the D-ID middleware is instructed to further manage the root elements of the different users. Each root element includes at least a current secret counter as shown in column 121, a root value as indicated in column 122, and a pseudonym as shown in column 123. In the example shown here, user A, assigned to the first row of table 150, has two alias names TempAnonym1 and TempAnonym2 as listed in the first row of column 123 of table 150. For each alias, exactly one root value (column 122) is generated and stored. For the pseudonym "TempAnonym 1", a root value "acvojifjowjfewoj" is generated. For the pseudonym "TempAnonym 2," the root value "slhsljhslkjdhlshh" is generated. The root value is generated by a D-ID agent (not shown here). The pseudonym, the root value corresponding to the pseudonym, and the current secret counter together form a root element, which is constructed by the D-ID agent and transmitted to the D-ID middleware 100 by using a specific transmission method. The D-ID middleware assigns each root element a particular trust level based on the sending method as shown in column 130. This means that, for example, the root element (25, avojifjowijfewoj, TempAnonym1) is assigned a trust level of "high", and the root element (12, slhsljhslkjdhlshh, TempAno-nym2) is assigned a trust level of "low". Both root elements are assigned to user A by D-ID "Msbeiti".
User B with the alias "Twernado" is assigned a root element (13, Sdhfkdsjhkjdshs, Temponyym 3). The D-ID middleware assigns the trust level "in" to the root element.
Different service providers SP1, SP2 and SP3 require different trust levels. The service provider SP1 requires the trust level "high", SP2 requires the trust level "medium" and SP3 requires the trust level "low". The user (and the owner of this pseudonym) can access the service only if the trust level of the pseudonym corresponds to the trust level required by the respective service provider from which the respective service is requested, as long as all other access conditions are fulfilled.
Fig. 2 schematically shows the generation process of a root element provided for each user when using an embodiment of the system according to the invention. D-ID proxy Generation 2 whenever the user wishesnWhere n is a user-specified configuration parameter. Each secret has a format 220 as depicted at the bottom of fig. 2. Thus, the secret consists of the user's pseudonym 223, the secret counter 221 and the random value 224.
Using these secrets and the cryptographic hash function, the D-ID agent computes the root value of the Merkle tree 200 with the secret as its leaf. In the example shown here, the user has designated the configuration parameter n as "2" so that the D-ID proxy generates four Secret Secrets1、Secret2、Secret3And Secret4. Four values h are generated by applying a Hash function "Hash" to each secret, respectively1、h2、h3And h4. Respectively combine two values h1And h2And h3And h4Thus forming two values h respectively12And h34. Combining the two values h by applying the function "hash12And h34Thereby forming a root value.
FIG. 3 illustrates an example exchange between a D-ID proxy 310 and D-ID middleware 320 provided by an embodiment of a system in accordance with the present invention. The D-ID agent 310 generates a D-ID for the corresponding user, or the corresponding user defines and specifies a D-ID, and the D-ID agent 310 sends the D-ID to the D-ID middleware 320 using any supported devices and authentication methods 311. In addition, the D-ID agent 310 transmits the pseudonym selected by the corresponding user to the D-ID middleware 320 via the encrypted pseudonym negotiation 312. The D-ID agent 310 verifies that the pseudonym is unique through the D-ID middleware 320, otherwise the D-ID agent 310 regenerates the pseudonym. The D-ID agent 310 then submits the root value 313 corresponding to the newly generated pseudonym to the D-ID middleware 320. As the authentication method SIM, a password, biometrics, or the like may be used. Note that the user can generate different pseudonyms: one for education, one for sports, etc.
D-ID middleware 320 assigns a trust level based on the manner in which pseudonyms and corresponding root values are sent to D-ID middleware 320. By the "transmission mode", the authentication method and the device type are predetermined.
In step 314, D-ID middleware 320 updates a table maintained by the D-ID middleware for the different users (e.g., as shown in FIG. 1).
FIG. 4 depicts the assignment of trust levels. The D-ID agent uses a different device, i.e. the D-ID agent runs at least partly on a different device. The D-ID agent uses device a in cases 401 and 402 and device C in case 403. In addition, the D-ID agent uses a different authentication method (authentication method A or authentication method B) in order to transmit the user's D-ID to the D-ID middleware 400. In the first transmission mode 405, the D-ID agent uses device a and authentication method a, in the second transmission mode 406, the D-ID agent uses device a and authentication method B, and in the third transmission mode 407, the D-ID agent uses device C and authentication method B. D-ID middleware 400 stores a respective trust level 430 as indicated in the table for each transmission mode used by the D-ID agent (i.e., for each combination of device type 410 and authentication method 420).
The combination "authentication method a/device type a" is assigned a trust level "high". The combination "authentication method a/device type B" is assigned to the trust level ". The combination "authentication method C/device type B" is assigned to the trust level "low".
Fig. 5 schematically shows how the trust level of a user's pseudonym is changed and adjusted to any requirements (e.g. requirements for a service provider that the user wants to access its services). When submitting an alias and corresponding root value to D-ID middleware 520, a user (i.e., D-ID agent 510) can adjust the trust level of an existing root element 512 at any time using another device and/or another authentication method 511.
Fig. 6 schematically shows a block diagram describing the functionality of an embodiment of the claimed system.
Fig. 6 shows a D-ID agent 610, D-ID middleware 620, and a service provider SP 630. A user (not shown) wants to access a service provided by the service provider SP 630. In order to use the service, the service provider SP630 requires the trust level "high". Whenever the user wants to access a service of the service provider SP630, he selects one of the pseudonyms he wants to use for that service, the D-ID proxy 610 then reveals the Secret to the service provider SP630 in step 6111And a corresponding authentication path (Secret)1,h2,h34) (which is derived from the Merkle tree generated and stored appropriately). The service provider SP630 forwards the pseudonym to the D-ID middleware 620 in step 621 in order to receive the corresponding root value, trust level, counter of the last used secret and, if allowed, the D-ID in step 622. Based on Secret1、h2And h34The service provider SP630 itself calculates the root value 652 in step 662 and verifies in step 655 whether it matches the root value 651 for the pseudonym it received by the service provider SP630 from the D-ID middleware 620, whereby the root value 651 is generated from the Merkle tree 650 generated by the D-ID agent 610 and stored by the D-ID middleware 620. The manner how root values 651 are derived from Merkle tree 650 is indicated via the dashed box. If root values 651 and 652 are equal, and if Secret is found in step 6611Is equal to S-counternewService provider SP630 may ensure Secret in step 6601Is new and the user/D-ID agent 610 is the owner of the pseudonym (without knowing the identity of the user). As a result, if the trust level of the pseudonym corresponds to the trust level required to access the service of the service provider SP630, the user accesses the service. Each time the service provider SP630 successfully authenticates the user (i.e. its signature, alias, root value) after contact with the middleware 620, the D-ID middleware 620 increments the S counter by one, i.e. the S counter is incremented only in case of successful authentication. Requiring billing at access to servicesAnd the service provider SP630 is not allowed to get the user's D-ID, the charging information is taken over by the D-ID middleware, i.e. the D-ID middleware 620 acts as a charging proxy. The computational overhead is indicated by 660. Secret1Is designated 670, and thus the secret consists of pseudonym 672, S counter 674, and random value 675.
Therefore, the identity of the user is not revealed to the service provider SP 630. Furthermore, using a Merkle tree, such as Merkle tree 650, the system is robust to quantum computers. Most importantly, the computational overhead 660 of the verification in FIG. 6 is more than 50 times faster than the asymmetric cryptography widely used in contexts such as that described by Sbeiti M. In addition, if the D-ID agent 610 is partially running in the cloud, i.e., the secrets are stored in a secure cloud, users can simply share their devices. The user enters his D-ID in the D-ID agent 610 running on any device, and the D-ID agent will keep all the rest and only the current user will be charged (similar to temporarily using a computer in a computer center (Rechenzentrum)).

Claims (15)

1. A system for providing a user with respective access to different services of at least one service provider in a network via one only user related unique digital identifier (D-ID) in view of privacy and security, the system comprising at least a D-ID middleware (100, 320, 400, 520, 620) and a D-ID agent (310, 510, 610), wherein:
the D-ID agent (310, 510, 610) runs at least in part on any desired end device of the user and is configured to: generating the D-ID, at least one pseudonym of the user, and a plurality of user-defined and pseudonym-specific secrets; computing a root value of a pseudonym-specific Merkle tree (200,650) having the secret as its leaf using the plurality of secrets and a cryptographic hash function; sending the at least one pseudonym and the corresponding root value, each encrypted using an authentication and encryption method, to the D-ID middleware (100, 320, 400, 520, 620); and using a secret of the plurality of secrets, as needed, to access a desired one of the different services of the at least one service provider (SP1, SP2, SP3, SP630),
the D-ID middleware (100, 320, 400, 520, 620) being run by an operator and constituting middleware for verification of the user's D-ID between the user's terminal device and the at least one service provider, the D-ID middleware (100, 320, 400, 520, 620) being configured to receive and maintain the user's D-ID, a root element of the Merkle tree for each of the user's at least one pseudonym, and a trust level for each root element, the root element comprising the respective pseudonym and a corresponding root value,
wherein each time the user intends to access a desired service of the one of the different services of the at least one service provider (SP1, SP2, SP3, SP630), the user selects one of the at least one pseudonym, and the D-ID agent (310, 510, 610) reveals to the service provider (SP1, SP2, SP3, SP630) a secret of the plurality of pseudonym-specific secrets and a corresponding authentication path derived from the pseudonym-specific Merkle tree (200,650), the service provider (SP1, SP2, SP3, SP630) forwards a pseudonym to the D-ID middleware (100, 320, 400, 520, 620) for receiving the corresponding root value and trust level, and calculates a root value based on the secret and the authentication path and verifies whether it is compatible with the authentication path derived from the D-ID middleware (100, 320, 400, 520, 620) for the pseudonym, thereby verifying that the user is the owner of the pseudonym, and if so, allowing the user to access the desired one of the different services if the trust level of the selected pseudonym corresponds to the trust level required by the at least one service provider (SP1, SP2, SP3, SP 630).
2. The system of claim 1, wherein the D-ID is defined by the user and verified via a personal ID through the D-ID middleware (100, 320, 400, 520, 620).
3. The system of claim 1 or 2, wherein the trust level is assigned by the D-ID middleware (100, 320, 400, 520, 620) based on an authentication method and a manner of sending the at least one pseudonym and the corresponding root value from the D-ID agent (310, 510, 610) to the D-ID middleware (100, 320, 400, 520, 620).
4. The system according to claim 1 or 2, wherein for each root element the D-ID middleware (100, 320, 400, 520, 620) is configured to store a current secret counter in addition to the respective pseudonym and the corresponding root value.
5. The system of claim 4, wherein the secret counter is set to zero when the at least one pseudonym is generated, and the secret counter is automatically incremented each time a user uses a secret of the plurality of pseudonym-specific secrets.
6. The system of claim 5, wherein each of the plurality of alias-specific secrets is constructed on the basis of the alias, the current secret counter and a random value.
7. The system according to claim 1 or 2, wherein each secret of the plurality of alias-specific secrets is a one-time secret that can only be used once to access a service of a service provider (SP1, SP2, SP3, SP 630).
8. A system according to claim 1 or 2, wherein the user is able to generate different pseudonyms for corresponding different types of services.
9. The system of claim 1 or 2, wherein the D-ID agent (310, 510, 610) runs partially in a secure cloud.
10. A method for providing a user with respective access to different services of at least one service provider in a network via one only user-related unique digital identifier (D-ID) in view of privacy and security, the method comprising:
providing a D-ID agent running at least partially on any desired terminal device of the user;
generating, by the D-ID agent running at least in part on any desired terminal device of the user, a D-ID of the user, at least one pseudonym of the user, and a plurality of user-defined and pseudonym-specific secrets;
calculating, by the D-ID proxy, a root value of a Merkle tree having a pseudonym-specific name with the secret as its leaf using the plurality of secrets and a cryptographic hash function;
sending, by the D-ID agent to D-ID middleware, the at least one pseudonym and the corresponding root value, each encrypted using an authentication and encryption method;
providing the D-ID middleware as a middleware between the user and the at least one service provider for authentication of the user's D-ID;
receiving and maintaining, by the D-ID middleware, a D-ID of the user, a root element of a Merkle tree for each of at least one pseudonym of the user, and a trust level for each root element, the root element including a respective pseudonym and a corresponding root value; and
selecting one of the at least one pseudonym when the user intends to access a desired service of one of the different services of the at least one service provider, revealing, by the D-ID agent, the selected pseudonym, a secret of the plurality of pseudonym-specific secrets and a corresponding authentication path derived from the pseudonym-specific Merkle tree to a service provider, forwarding, by the service provider, the pseudonym to the D-ID middleware in order to receive a respective root value and trust level, and calculating, by the service provider, a root value based on the secret and the authentication path and verifying, by the service provider, whether it matches the root value for the pseudonym received from the D-ID middleware, thus verifying that the user is the owner of the pseudonym, and if so, at the trust level of the selected pseudonym and a trust level required by the at least one service provider And if so, allowing the user to access the at least one service.
11. The method of claim 10, wherein the trust level is assigned by the D-ID middleware based on an authentication method and a manner in which the at least one pseudonym and the corresponding root value are sent from the D-ID proxy to the D-ID middleware.
12. The method of claim 11, wherein the trust level is updated by using another authentication method when the at least one pseudonym and the corresponding root value, both encrypted, are sent to the D-ID middleware.
13. The method of claim 10, 11 or 12, wherein in case the user intends to access the one desired service, the service provider further receives a secret counter of a last used secret from the D-ID middleware and further verifies that the secret counter of the currently selected secret is equal to or larger than the secret counter of the last used secret.
14. A method according to claim 10, 11 or 12, wherein in case access to the service requires billing and the service provider is not allowed to get the D-ID of the user, billing information is taken over by the D-ID middleware and the D-ID middleware acts as a billing agent.
15. The method of claim 10, 11 or 12, wherein the user reveals a secret of the plurality of pseudonym-specific secrets and the respective authentication path as credentials to another user, and the other user accesses the one desired service once using the secret and the respective authentication path.
CN201710841119.5A 2016-09-20 2017-09-18 System and method for providing customers with access to different services of a service provider Active CN107846394B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP16020338.6A EP3297242B1 (en) 2016-09-20 2016-09-20 A system and a method for providing a user with an access to different services of service providers
EP16020338.6 2016-09-20

Publications (2)

Publication Number Publication Date
CN107846394A CN107846394A (en) 2018-03-27
CN107846394B true CN107846394B (en) 2021-01-05

Family

ID=57003305

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710841119.5A Active CN107846394B (en) 2016-09-20 2017-09-18 System and method for providing customers with access to different services of a service provider

Country Status (4)

Country Link
US (1) US10469454B2 (en)
EP (1) EP3297242B1 (en)
JP (1) JP6571145B2 (en)
CN (1) CN107846394B (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11265249B2 (en) * 2016-04-22 2022-03-01 Blue Armor Technologies, LLC Method for using authenticated requests to select network routes
US10360390B2 (en) * 2016-12-14 2019-07-23 Sap Se Oblivious order-preserving encryption
US10798645B2 (en) * 2018-06-15 2020-10-06 Juniper Networks, Inc. Extending subscriber services to roaming wireless user equipment
JP6501236B1 (en) * 2018-07-18 2019-04-17 瑞明 飯島 Credit guarantee system
US11336462B1 (en) 2019-09-10 2022-05-17 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
CN111131455B (en) * 2019-12-24 2021-06-04 深信服科技股份有限公司 Data proxy method, device, equipment and storage medium
US11334667B1 (en) 2020-01-17 2022-05-17 Wells Fargo Bank, N.A. Systems and methods for disparate quantum computing threat detection
US11366897B1 (en) 2020-01-17 2022-06-21 Wells Fargo Bank, N.A. Systems and methods for layered quantum computing detection
US12126713B1 (en) 2020-01-17 2024-10-22 Wells Fargo Bank, N.A. Systems and methods for quantum computing threat detection
CN111428226B (en) * 2020-03-24 2022-06-10 中安云科科技发展(山东)有限公司 Method for safely calling password card interface
CN116260583A (en) * 2021-12-02 2023-06-13 中兴通讯股份有限公司 Identity authentication method, electronic device, and computer-readable storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1745356A (en) * 2002-03-18 2006-03-08 特伦诺有限公司 Single sign-on secure service access

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6959336B2 (en) * 2001-04-07 2005-10-25 Secure Data In Motion, Inc. Method and system of federated authentication service for interacting between agent and client and communicating with other components of the system to choose an appropriate mechanism for the subject from among the plurality of authentication mechanisms wherein the subject is selected from humans, client applications and applets
WO2005027008A1 (en) * 2003-09-10 2005-03-24 Ntt Docomo, Inc. Method and apparatus for secure and small credits for verifiable service provider metering
US7873572B2 (en) 2004-02-26 2011-01-18 Reardon David C Financial transaction system with integrated electronic messaging, control of marketing data, and user defined charges for receiving messages
WO2007024970A2 (en) * 2005-08-22 2007-03-01 The State Of Oregon Acting By And Through The State Board Of Higher Security protocols for hybrid peer-to-peer file sharing networks
CN101155032A (en) * 2006-09-25 2008-04-02 日电(中国)有限公司 Warrant system capable of anonymous selection and its method
US8171536B2 (en) 2007-05-23 2012-05-01 Sony Computer Entertainment America Inc. Method and apparatus for authenticating users in a network
CN101335622B (en) * 2007-06-27 2012-08-29 日电(中国)有限公司 Method and apparatus for distributed authorization using anonymous flexible certificate
US8955035B2 (en) * 2010-12-16 2015-02-10 Microsoft Corporation Anonymous principals for policy languages
JP2014522009A (en) * 2011-04-25 2014-08-28 アルカテル−ルーセント Privacy protection in recommended services
US9509506B2 (en) * 2011-09-30 2016-11-29 Los Alamos National Security, Llc Quantum key management
KR101496212B1 (en) 2013-03-28 2015-02-27 주식회사 투게더 The data transmiting apparatus for recording visiting data of a wireless communication device
CN113469670B (en) 2013-07-24 2024-04-05 维萨国际服务协会 System and method for ensuring data transfer risk using tokens
US9521125B2 (en) * 2014-03-13 2016-12-13 Intel Corporation Pseudonymous remote attestation utilizing a chain-of-trust
US10841097B2 (en) * 2016-07-08 2020-11-17 Mastercard International Incorporated Method and system for verification of identity attribute information

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1745356A (en) * 2002-03-18 2006-03-08 特伦诺有限公司 Single sign-on secure service access

Also Published As

Publication number Publication date
JP6571145B2 (en) 2019-09-04
EP3297242A1 (en) 2018-03-21
US20180083960A1 (en) 2018-03-22
EP3297242B1 (en) 2018-09-05
CN107846394A (en) 2018-03-27
JP2018050294A (en) 2018-03-29
US10469454B2 (en) 2019-11-05

Similar Documents

Publication Publication Date Title
CN107846394B (en) System and method for providing customers with access to different services of a service provider
US10667131B2 (en) Method for connecting network access device to wireless network access point, network access device, and application server
KR102229739B1 (en) Key management system and method
CN106209749B (en) Single sign-on method and device, and related equipment and application processing method and device
US9461820B1 (en) Method and apparatus for providing a conditional single sign on
US11190504B1 (en) Certificate-based service authorization
US7591008B2 (en) Client authentication using multiple user certificates
EP2544117A1 (en) Method and system for sharing or storing personal data without loss of privacy
US8904504B2 (en) Remote keychain for mobile devices
US20180375648A1 (en) Systems and methods for data encryption for cloud services
JP2022533890A (en) Computing system and method for providing session access based on authentication tokens with different authentication credentials
US20240322996A1 (en) System and method for pre-shared key (psk) based selective encryption of partial sections of messages
US11100209B2 (en) Web client authentication and authorization
US10027491B2 (en) Certificate distribution using derived credentials
US9443069B1 (en) Verification platform having interface adapted for communication with verification agent
US20150249639A1 (en) Method and devices for registering a client to a server
EP3367607B1 (en) Communication device, communication method and computer program
US9344427B1 (en) Facilitating multiple authentications
US12015721B1 (en) System and method for dynamic retrieval of certificates with remote lifecycle management
US20200053059A1 (en) Secure Method to Replicate On-Premise Secrets in a Cloud Environment
Kinastowski Signing cloud: Towards qualified electronic signature service in cloud
CA3225987A1 (en) End to end encryption with roaming capabilities
CN115766268A (en) Processing method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant